Security
      Back to home
      1. Help Center
      2. Security

      Considerations for adopting 2FA

      Learn more about the 2FA Reloadly offer to secure your developer portal

      Context

      Second factor authentication, popularly known as 2FA is an industry best practice to prevent unauthorized users from accessing your data.


      2FA leverages a second level of authentication, typically a OTP (One time password) delivered to a mobile device, a 2FA app like Okta or Google Authenticator, a fingerprint reader etc. The end result is, only the authorized user who is in possession of the physical device to which the verification challenge is sent, can approve the request, and hence gain access to the protected content.

      2FA Usage in the Reloadly Platform

      Reloadly promotes strong, industry standard security best practices. 2FA has always been offered as an opt-in feature for signing in to the Reloadly Portal and accessing sensitive data in the portal. Going forward, as a best practice, we would be enforcing 2FA. This is to protect your data from unauthorized access.

      Points to Consider

      • If your Reloadly account is accessed by a single administrative user, you should be able to go ahead and enable 2FA right away.
      • If you are a large enterprise, and your Reloadly account is managed by an IT Ops department, the situation needs some consideration. In this case, probably your account will be accessed by a Finance person, a Developer, etc.
      • For multi user access, you should create users with the proper role like FINANCE, and DEVELOPER in your account. These roles give access to specific resources which further strengthen security.
      • Each user in a multi-user context for an account should enable 2FA independently.
      • The Portal password should never be shared between your co-workers. You are free to create as many users in your organization you may need, and you could revoke access any time. 
      • In essence, if you have a multi-user account access scenario, take the following actions:
        • Have the primary user for your account, change the portal password.
        • Enable 2FA for themselves.
        • Create other users with suitable roles in the portal.
        • The other team members, once they login using their own Reloadly portal credentials, would set up 2FA for themselves thus safeguarding their credentials.